cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-52975,https://securityvulnerability.io/vulnerability/CVE-2024-52975,Information Disclosure in Fleet Server by Elastic,"An information disclosure vulnerability exists in Fleet Server by Elastic, where sensitive data may be inadvertently logged at INFO and ERROR log levels. The exposed information depends on the enabled integrations, potentially leading to unintended data exposure. Users are urged to review their logging configurations and apply necessary updates to mitigate this risk.",Elastic,Fleet Server,9,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T07:19:39.170Z,237
CVE-2024-43707,https://securityvulnerability.io/vulnerability/CVE-2024-43707,Information Disclosure in Kibana Affects Elastic Products,"A security issue in Kibana allows unauthorized users to access Elastic Agent policies, potentially exposing sensitive data. The extent of the information disclosure varies based on the enabled integrations for the Elastic Agent and their versions. This vulnerability could lead to unauthorized access to sensitive configurations, emphasizing the need for securing user permissions within the Kibana interface.",Elastic,Kibana,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T06:08:10.724Z,607
CVE-2024-43709,https://securityvulnerability.io/vulnerability/CVE-2024-43709,OutOfMemoryError Vulnerability in Elasticsearch Products by Elastic,"A vulnerability exists in Elasticsearch that stems from inadequate resource allocation limits. This issue can potentially result in an OutOfMemoryError, causing the application to crash when specific malicious SQL queries are executed. Users of impacted versions should apply the necessary security updates to mitigate this risk.",Elastic,Elastic,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T11:00:11.403Z,0
CVE-2024-37288,https://securityvulnerability.io/vulnerability/CVE-2024-37288,Deserialization vulnerability in Kibana can lead to arbitrary code execution,"A vulnerability in Kibana has been identified, stemming from a deserialization issue that may allow for arbitrary code execution. This flaw occurs specifically when Kibana attempts to process a maliciously crafted YAML document. Only instances of Kibana that leverage Elastic Security’s integrated AI tools and have seamlessly configured an Amazon Bedrock connector are impacted. Users of these features should exercise caution and apply security updates to mitigate potential risks associated with this vulnerability.",Elastic,Kibana,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-09-09T08:29:51.918Z,0
CVE-2024-37287,https://securityvulnerability.io/vulnerability/CVE-2024-37287,Prototype Pollution Vulnerability in Kibana Allows Arbitrary Code Execution,"Summary: A critical security flaw has been identified in Kibana, a popular open-source data visualization and exploration tool, with a vulnerability that allows attackers to execute arbitrary code. The vulnerability, tracked as CVE-2024-37287, has a critical severity rating and affects various Kibana environments, including self-managed installations, instances running the Kibana Docker image, and those on Elastic Cloud. Users are strongly advised to upgrade to Kibana version 8.14.2 or 7.17.23 to address the flaw and protect their systems. There are no known exploitations in the wild by ransomware groups at this time.",Elastic,Kibana,7.2,HIGH,0.0004900000058114529,false,,true,false,true,2024-08-07T08:09:08.000Z,,false,false,,2024-08-13T11:33:45.520Z,0
CVE-2024-23444,https://securityvulnerability.io/vulnerability/CVE-2024-23444,Unencrypted Private Keys Generated by elasticsearch-certutil CLI Tool,"A security flaw was identified in the elasticsearch-certutil CLI tool, specifically when utilizing the csr option to generate new Certificate Signing Requests. The vulnerability arises as the corresponding private key is saved unencrypted on disk, exposing it to potential unauthorized access, even in cases where the --pass parameter is included in the command. This oversight may lead to unauthorized use of sensitive data, posing significant risks to security.",Elastic,Elasticsearch,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-07-31T17:26:12.784Z,0
CVE-2024-37282,https://securityvulnerability.io/vulnerability/CVE-2024-37282,Elevated Privileges Granted Through API Key Reuse,"A security issue has been identified within Elastic Cloud Enterprise, where an API key initially created with limited privileges can be exploited to generate new API keys with elevated privileges. This vulnerability can potentially allow unauthorized access to sensitive operations and resources, posing significant risks to data integrity and security. Organizations utilizing Elastic Cloud Enterprise are advised to take immediate steps to review their key management practices and apply necessary updates or patches to mitigate this risk.",Elastic,Elastic Cloud Enterprise,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-28T04:58:18.200Z,0
CVE-2024-23450,https://securityvulnerability.io/vulnerability/CVE-2024-23450,Elasticsearch Crashes Due to Deeply Nested Pipeline Processing,"A flaw has been identified in Elasticsearch that impacts its stability during the processing of documents in deeply nested pipelines on ingest nodes. When such documents are processed, it can lead to a crash of the Elasticsearch node, interrupting service and potentially causing data unavailability.",Elastic,Elasticsearch,7.5,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-03-27T17:03:48.290Z,0
CVE-2024-23448,https://securityvulnerability.io/vulnerability/CVE-2024-23448,APM Server Logs Vulnerable to Sensitive Information Injection,"A security vulnerability exists in Elastic's APM Server that allows sensitive information to be captured in server logs. When an attempt to index a document fails in Elasticsearch, the APM Server logs the error response at an ERROR level, which may inadvertently include portions of the original document. This creates a potential risk of exposing private data through log files, especially if the documents being ingested contain sensitive information. Proper logging practices and sanitization of logs are recommended to mitigate risks associated with this issue.",Elastic,APM Server,7.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2024-02-07T21:37:45.908Z,0
CVE-2023-46675,https://securityvulnerability.io/vulnerability/CVE-2023-46675,Kibana Insertion of Sensitive Information into Log File,"A vulnerability in Elastic's Kibana could allow sensitive information to be unintentionally included in logs during error events, especially when debug-level logging is enabled. This logging behavior may expose account credentials, API keys, and private data related to Elastic Security integrations, creating potential security risks for affected users. Users are encouraged to upgrade to Kibana version 8.11.2 or later to mitigate the risk.",Elastic,Kibana,8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-12-13T07:15:00.000Z,0
CVE-2023-46671,https://securityvulnerability.io/vulnerability/CVE-2023-46671,Kibana Insertion of Sensitive Information into Log File,"An information exposure vulnerability exists in Kibana, allowing sensitive data such as account credentials and API keys to be logged in case of errors during user interactions with an unhealthy Elasticsearch cluster. This issue arises infrequently, specifically during error conditions like circuit breaker or no shard exceptions. Users are advised to upgrade to Kibana version 8.11.1, which mitigates this risk by preventing sensitive information from being recorded in the logs.",Elastic,Kibana,8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-12-13T07:15:00.000Z,0
CVE-2023-46673,https://securityvulnerability.io/vulnerability/CVE-2023-46673,Script Processor Vulnerability in Elasticsearch by Elastic,"A vulnerability has been identified in the script processor of the Ingest Pipeline in Elasticsearch, where malformed scripts can cause an Elasticsearch node to crash while executing the Simulate Pipeline API. This situation may result in service disruptions, underscoring the importance of ensuring script integrity before use.",Elastic,Elasticsearch,7.5,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2023-11-22T10:15:00.000Z,0
CVE-2021-37942,https://securityvulnerability.io/vulnerability/CVE-2021-37942,APM Java Agent Local Privilege Escalation,"A local privilege escalation vulnerability exists in the APM Java Agent, where an attacker on the system may attach a malicious plugin to applications utilizing the agent. This flaw allows the execution of code with escalated permissions, potentially leading to unauthorized access to sensitive data and system configuration.",Elastic,Elastic Apm Java Agent,7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-22T01:33:48.984Z,0
CVE-2023-31417,https://securityvulnerability.io/vulnerability/CVE-2023-31417,Elasticsearch Insertion of sensitive information in audit logs,"Elasticsearch has a flaw that permits the exposure of sensitive information, such as passwords and tokens, in audit logs under specific conditions. While Elasticsearch is designed to filter out sensitive data before logging, this functionality fails with certain deprecated API URIs. Audit logging, which is disabled by default, must be enabled explicitly for this issue to become a concern. Even when logging is active, sensitive request bodies may only appear in logs if specifically configured, hence organizations need to be aware of these settings to prevent inadvertent data leaks.",Elastic,Elasticsearch,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-10-26T18:15:00.000Z,0
CVE-2023-31418,https://securityvulnerability.io/vulnerability/CVE-2023-31418,Elasticsearch uncontrolled resource consumption,"A vulnerability has been identified in Elasticsearch where unauthenticated users can disrupt the service. By sending a series of malformed HTTP requests, an attacker can trigger an OutOfMemory error causing the Elasticsearch node to terminate unexpectedly. Elastic Engineering has confirmed this issue but has found no evidence of exploitation in active environments. It is crucial for users to apply the necessary updates to mitigate this risk.",Elastic,Elasticsearch,7.5,HIGH,0.0012600000482052565,false,,false,false,false,,,false,false,,2023-10-26T18:15:00.000Z,0
CVE-2023-31419,https://securityvulnerability.io/vulnerability/CVE-2023-31419,Elasticsearch StackOverflow vulnerability,"A vulnerability has been identified in Elasticsearch's search API that permits an attacker to exploit a specially crafted query string. This flaw can lead to a stack overflow condition, which may result in denial of service, effectively making the affected Elasticsearch instances unresponsive. Users are encouraged to apply the latest security updates to mitigate this issue.",Elastic,Elasticsearch,7.5,HIGH,0.0020600000862032175,false,,false,false,true,2023-10-03T13:51:37.000Z,true,false,false,,2023-10-26T18:15:00.000Z,0
CVE-2023-31421,https://securityvulnerability.io/vulnerability/CVE-2023-31421,"Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue","A vulnerability has been identified in which Beats, Elastic Agent, APM Server, and Fleet Server do not adequately verify server certificates when connecting to target IP addresses. While the signature of the certificate is checked, the validation process fails to confirm the server certificate's IP Subject Alternative Name (SAN) values against the actual IP being targeted. This lapse means that if configured to connect via an IP address instead of a hostname, the expected security checks are bypassed, potentially allowing unauthorized access.",Elastic,"Beats,Elastic Agent,APM Server,Fleet Server",7.5,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-10-26T04:15:00.000Z,0
CVE-2023-31422,https://securityvulnerability.io/vulnerability/CVE-2023-31422,Kibana Insertion of Sensitive Information into Log File,"A vulnerability has been identified in Elastic Kibana, where sensitive user information may be unintentionally recorded in logs during error events. This issue specifically affects Kibana version 8.10.0, particularly when utilizing JSON logging and certain pattern configurations that incorporate the %meta pattern. The logged error objects may include highly sensitive data such as authentication credentials, cookies, authorization headers, and query parameters, potentially revealing account details for users such as kibana_system and kibana-metricbeat. To mitigate this risk, users are advised to upgrade to Kibana 8.10.1, which addresses this logging issue.",Elastic,Kibana,7.5,HIGH,0.0014299999456852674,false,,false,false,false,,,false,false,,2023-10-26T02:15:00.000Z,0
CVE-2023-46667,https://securityvulnerability.io/vulnerability/CVE-2023-46667,Fleet Server Insertion of Sensitive Information into Log File,"An identified security issue in Fleet Server versions 8.10.0 to 8.10.2 has been found where sensitive enrolment tokens are logged in plain text. This exposure can enable unauthorized individuals to enroll agents into managing policies, potentially allowing them to access sensitive information stored within those policies, such as Elasticsearch and various third-party service secrets. Additionally, it poses a risk of malicious agents being able to relay bogus events back to Elasticsearch, thereby undermining the integrity and reliability of the data.",Elastic,Fleet Server,8.1,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2023-10-26T01:15:00.000Z,0
CVE-2023-31415,https://securityvulnerability.io/vulnerability/CVE-2023-31415,Arbitrary Code Execution Vulnerability in Kibana by Elastic,"In Kibana version 8.7.0, an arbitrary code execution vulnerability has been identified that allows an attacker with all privileges to the Uptime/Synthetics feature to send a specially crafted request. This request can execute arbitrary JavaScript code on the server, potentially allowing the attacker to run commands with the same permissions as the Kibana process. This poses a serious security risk, as it could enable unauthorized access to host systems and sensitive data.",Elastic,Kibana,8.8,HIGH,0.0016599999507889152,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-31414,https://securityvulnerability.io/vulnerability/CVE-2023-31414,Arbitrary Code Execution in Kibana by Elastic,"Kibana versions 8.0.0 through 8.7.0 are susceptible to an arbitrary code execution vulnerability. This flaw allows an attacker with write access to the Kibana YAML or environment configuration files to inject a malicious payload. Upon execution, this payload could run JavaScript code, enabling the attacker to execute arbitrary commands on the host machine with the same permissions as the Kibana process. This vulnerability emphasizes the importance of securing configuration files and managing user permissions to mitigate potential risks.",Elastic,Kibana,8.8,HIGH,0.0016599999507889152,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2022-38777,https://securityvulnerability.io/vulnerability/CVE-2022-38777,Privilege Escalation in Elastic Endpoint Security for Windows,"A vulnerability exists in the rollback feature of Elastic Endpoint Security for Windows. This issue could potentially enable unprivileged users to escalate their privileges, gaining access to the LocalSystem account. Such unauthorized elevation poses significant risks, allowing attackers to execute arbitrary commands and gain control over critical system functions.",Elastic,Elastic Endpoint Security,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-08T00:00:00.000Z,0
CVE-2022-38774,https://securityvulnerability.io/vulnerability/CVE-2022-38774,Privilege Escalation Vulnerability in Elastic Endpoint Security by Elastic,"A security flaw in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows could be exploited by unprivileged users to gain elevated privileges, potentially allowing them to operate with the same permissions as the LocalSystem account. This vulnerability emphasizes the importance of securing access controls to prevent unauthorized privilege escalation.",Elastic,Elastic Endpoint Security And Elastic Endgame Security,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-01-26T21:15:00.000Z,0
CVE-2022-38775,https://securityvulnerability.io/vulnerability/CVE-2022-38775,Privilege Escalation Vulnerability in Elastic Endpoint Security for Windows,"A vulnerability was identified in the rollback feature of Elastic Endpoint Security for Windows, allowing unprivileged users to gain elevated privileges, potentially giving them control over sensitive system functions as if they were the LocalSystem account. This poses a significant risk for organizations relying on this software for endpoint protection, as it could be exploited to perform unauthorized actions and compromise system integrity.",Elastic,Elastic Endpoint Security,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-01-26T21:15:00.000Z,0
CVE-2022-23714,https://securityvulnerability.io/vulnerability/CVE-2022-23714,Local Privilege Escalation in Elastic Endpoint Security for Windows,"A local privilege escalation vulnerability has been identified within the ransomware canaries feature of Elastic Endpoint Security for Windows. This issue could potentially enable unauthorized users to escalate their privileges to the LocalSystem account, compromising system security and potentially leading to further unauthorized actions within the system.",Elastic,Endpoint Security,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-07-06T13:57:27.000Z,0